Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[APM] Add permissions for "input-only" package #166234

Merged
merged 9 commits into from
Sep 25, 2023
Merged

[APM] Add permissions for "input-only" package #166234

merged 9 commits into from
Sep 25, 2023

Conversation

sorenlouv
Copy link
Member

@sorenlouv sorenlouv commented Sep 12, 2023
edited
Loading

Closes: #164936

This grants the necessary permissions to APM Server when running under fleet.

@apmmachine
Copy link
Contributor

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

  • /oblt-deploy : Deploy a Kibana instance using the Observability test environments.
  • /oblt-deploy-serverless : Deploy a serverless Kibana instance using the Observability test environments.
  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@sorenlouv sorenlouv changed the title [APM] Add permissions for APM package [APM] Add permissions for "input-only" package Sep 12, 2023
@sorenlouv sorenlouv marked this pull request as ready for review September 19, 2023 08:32
@sorenlouv sorenlouv requested review from a team as code owners September 19, 2023 08:32
@botelastic botelastic bot added Team:APM All issues that need APM UI Team support Team:Fleet Team label for Observability Data Collection Fleet team labels Sep 19, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/apm-ui (Team:APM)

@elasticmachine
Copy link
Contributor

Pinging @elastic/fleet (Team:Fleet)

sorenlouv
sorenlouv commented Sep 19, 2023
View reviewed changes
x-pack/plugins/fleet/server/services/agent_policies/package_policies_to_agent_permissions.ts
@@ -49,112 +50,114 @@ export async function storedPackagePoliciesToAgentPermissions(
return;
}

Copy link
Member Author

@sorenlouv sorenlouv Sep 19, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For reviewer: Remove whitespace to improve readability of this diff: https://github.com/elastic/kibana/pull/166234/files?diff=unified&w=1#r1329801250

yngrdyn
yngrdyn approved these changes Sep 20, 2023
View reviewed changes
Copy link
Contributor

@yngrdyn yngrdyn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

APM changes LGTM 🧑‍🏫

juliaElastic
juliaElastic approved these changes Sep 21, 2023
View reviewed changes
Copy link
Contributor

@juliaElastic juliaElastic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fleet changes LGTM

@sorenlouv sorenlouv force-pushed the add-permissions-apm-package branch 4 times, most recently from cba491a to 80e0fa1 Compare September 23, 2023 20:25
@sorenlouv sorenlouv enabled auto-merge (squash) September 24, 2023 18:27
@sorenlouv sorenlouv force-pushed the add-permissions-apm-package branch 2 times, most recently from 579c2ce to 9f8e63d Compare September 25, 2023 10:27
@kibana-ci
Copy link
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #54 / serverless search UI empty pages should show search specific empty page in discover

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
fleet 1083 1082 -1
Unknown metric groups

API count

id before after diff
fleet 1201 1200 -1

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@sorenlouv sorenlouv merged commit 4662960 into elastic:main Sep 25, 2023
26 checks passed
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Sep 25, 2023
@sorenlouv sorenlouv deleted the add-permissions-apm-package branch September 26, 2023 07:21
@sorenlouv
Copy link
Member Author

✅ Test plan 8.11

Tested this by applying re-route processors.

Namespace re-routing

PUT _ingest/pipeline/traces-apm@custom
{
  "processors": [
    {
      "reroute": {
        "namespace": "{{agent.name}}" 
      }
    }
  ]
}

Traces were re-routed to .ds-traces-apm-nodejs-2023.10.05-000001

Dataset re-rerouting

PUT _ingest/pipeline/traces-apm@custom
{
  "processors": [
    {
      "reroute": {
        "dataset": "{{agent.name}}" 
      }
    }
  ]
}

Traces were rerouted to traces-nodejs-default

This means that nothing is broken as a result of the input-only packages changes and APM Server is still able to ingest as expected. Whether the new permissions actually work will be tested out in the next release when APM Server starts taking advantage of this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@axw axw axw left review comments

@gbamparop gbamparop gbamparop left review comments

@yngrdyn yngrdyn yngrdyn approved these changes

@juliaElastic juliaElastic juliaElastic approved these changes

Assignees
No one assigned
Labels
backport:skip This commit does not require backporting release_note:enhancement Team:APM All issues that need APM UI Team support Team:Fleet Team label for Observability Data Collection Fleet team v8.11.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[APM] Support APM integration as "input-only" package
9 participants
@sorenlouv @apmmachine @elasticmachine @kibana-ci @axw @yngrdyn @gbamparop @juliaElastic @kibanamachine